Use the various StringUtils
methods to validate user input; isNumeric(
)
, isAlpha()
, isAlphanumeric()
, and isAlphaSpace()
verify that a string does not contain any undesired
characters:
String state = "Virginia" System.our.println( "Is state number? " + StringUtils.isNumeric( state ) ); System.our.println( "Is state alpha? " + StringUtils.isAlpha( state ) ); System.our.println( "Is state alphanumeric? " + StringUtils.isAlphanumeric( state ) ); System.our.println( "Is state alphaspace? " + StringUtils.isAlphaspace( state ) );
This code tests the string "Virginia" against four validation methods, producing the following output:
Is state a number? false Is state alpha? true Is state alphanumeric? true Is state alphaspace? true
StringUtils.isNumeric( )
returns true if the string being tested contains only digits from 0 to
9. If you are asking a user to input a numerical value, such as year or
age, you need to have a way to ensure that the input supplied is, in
fact, a numeric value:
String test1 = "1976"; String test2 = "Mozart"; boolean t1val = StringUtils.isNumeric( test1 ); boolean t2val = StringUtils.isNumeric( test2 ); System.out.println( "Is " + test1 + " a number? " + t1val ); System.out.println( "Is " + test2 + " a number? " + t2val );
This code tests two strings and produces the following output:
Is 1976 a number? true Is Mozart a number? false
You can use the following code to see if a string contains only letters or a combination of letters and numbers:
String test1 = "ORANGE"; String test2 = "ICE9"; String test3 = "ICE CREAM"; String test4 = "820B Judson Avenue"; boolean t1val = StringUtils.isAlpha( test1 ); // returns true boolean t2val = StringUtils.isAlphanumeric( test2 ); // returns true boolean t3val = StringUtils.isAlphaSpace( test3 ); // returns true boolean t4val = StringUtils.isAlphanumericSpace( test4 ); // returns true
User supplied input can rarely be trusted. If you have asked the
user to supply an age, a year, or a day of the week, you will need to
then validate that input. Or, if you have asked the user to type in a
name, you will want to make sure that the supplied name contains only
letters and acceptable punctuation. An application with inadequate input
validation will frequently fail, and produce unsightly stack traces
caused by either NumberFormatException
s or NullPointerException
s. An application should
be able to gracefully handle the most nonsensical input without missing
a beat, and prompt the user for a valid input. Tools such as Commons
Validator provide a framework to validate the contents of a JavaBean,
but at a much lower level, the StringUtils
class in Commons Lang provides
some useful utilities for examining the contents of a string.
Input forms frequently need to validate a user's name. In this case, it is important to remember that certain names have apostrophes and dashes. If you are validating a name, always make sure that you allow for names with punctuation. Here is an example that validates a name with a dash, an apostrophe, and a period:
String name1 = "Tim O'Reilly"; String name2 = "Mr. Mason-Dixon!"; String punctuation = ".-'"; String name1Temp = StringUtils.replaceChars( name1, punctuation, ""); String name2Temp = StringUtils.replaceChars( name1, punctuation, ""); boolean t1val = StringUtils.isAlpha( name1Temp ); // returns true boolean t2val = StringUtils.isAlpha( name2Temp ); // returns false
"Tim O'Reilly" is a valid name, but you need to use the StringUtils.replaceChars( )
method to throw
out punctuation before you can pass both of the names to the StringUtils.isAlpha( )
method. "Mr.
Mason-Dixon!" is not a valid name, because an exclamation point is not
on the list of valid name punctuation. As an Irishman, I encourage you
to always check your name validation with names like "O'Toole" or
"O'Brien," and, as the world continues to shrink, more exceptions to the
rule, like "Al-Sa'ud," will become more prevalent; your system should
not force someone to change their name. Speaking from personal
experience, it is insulting when a web site or an application forces you
to change your name, and it is a quick way to alienate your customers. I
cannot begin to tell you how many web sites have shown me a nasty Open
Database Connectivity (ODBC) error page or stack trace after I've told
them my last name—it is frustrating.